- Siemens has released a security update that addresses multiple vulnerabilities in its products.
- the affected products are SIMATIC CN 4100 and Teamcenter.
- In SIMATIC CN 4100, CVE-2026-22924 (lack of authentication vulnerability) and CVE-2026-22925 (resource exhaustion vulnerability) have been identified.
- In Teamcenter, CVE-2026-33862 (cross-site scripting, a vulnerability that allows malicious scripts to be injected into web pages) and CVE-2026-33893 (hard-coded credentials, a vulnerability that contains fixed credentials within the program) have been identified.
- affected Versions are SIMATIC CN 4100 V5.0 and earlier, Teamcenter V2312 V2312.0014 and earlier and V2312.0009 and earlier, Teamcenter V2406 V2406.0012 and earlier and V2406.0006 and earlier, Teamcenter V2412 V2412.0009 and earlier, and Teamcenter V2506 V2506.0005 and earlier.
- the patch has been made available in the latest update and users of the affected products should update to the latest version as indicated.
- the post-update versions are SIMATIC CN 4100 V5.0 or later, Teamcenter V2312 V2312.0014 or later and V2312.0009 or later, Teamcenter V2406 V2406.0012 or later and V2406.0006 or later, Teamcenter V2412 V2412.0009 or later, Teamcenter V2506 V2506.0005 or later.
- sSA-032379: Multiple Vulnerabilities in SIMATIC CN 4100 Before V5.0 and SSA-827383: Multiple Vulnerabilities in Teamcenter are listed as references.
